Dealing with multiple form submits

Forum Moderators: coopster

Message Too Old, No Replies

Dealing with multiple form submits

what are the best ways to deal with multiple form submits using php?

lobo235

10:25 pm on Mar 27, 2007 (gmt 0)

I have implemented javascript code to try and block multiple form submissions on many of my pages but if users have javascript disabled this does no good. I have brainstormed and come up with some different methods to implement a server-side solution to the problem and I am curious to know what everyone else is doing to prevent these duplicate submissions by careless/impatient users.

How do you handle the multiple form submit problem?

joelgreen

11:21 pm on Mar 27, 2007 (gmt 0)

Disable post button with javascript after clicked once.

Should be some server-side logic if javascript is not supported. Like ignoring posts from the same ip (maybe check via cookie) if NNN seconds have not passed yet from the last post.

eelixduppy

11:34 pm on Mar 27, 2007 (gmt 0)

Many times a resubmit is due to a page refresh of the action page, where the information is submitted again. If you redirect the action page somewhere else, you can eliminate this cause significantly.

lobo235

2:06 pm on Mar 29, 2007 (gmt 0)

I do use javascript to disable the submit button but not all users have javascript enabled so I need a server-side solution as well. Also, I already redirect all form action pages so they can not be refreshed. Once again, I am not looking for a javascript solution here as it only helps the problem but cannot solve it 100%.

The problem I am seeing is with forms that take a bit of processing so they take around 10 seconds to process and complete all the needed actions before sending the user to the success/failure page. On these forms the user may get impatient and click the submit button again causing the data to be submitted twice.

The solution to the problem in my mind is fairly complex as it involves creating an md5 hash on the values in the form that should always be unique and saving that hash in the user's session so that if they try to submit the same form again during their session it will block the second submit. This allows the user to still use their browser's back button to get back to the form and they can modify the fields and submit the form again with the new values. As long as the new values are unique then their md5 hash will be different and the submit will work fine.

Does anyone see any problems with this approach or perhaps a better/simpler/easier way to accomplish the same thing?